General
Target: 0cd9cf51666b258656afa5bcde345f57
Size: 876KB
Sample: 231230-dxth8aeac4
MD5: 0cd9cf51666b258656afa5bcde345f57
SHA1: 1db8c0fecf084441b2b07f5000760ff400aeda76
SHA256: 58e3fd76a19b5822fb2768abbe9bc977913216110a1b32e1b405369dcf52be63
SHA512: fd55ab9c379ff291f0cbfcfa0bc08272a1d57da44d64262d6e1bbd74faaae17a09a13873e8c5525322f280d8f7d439f8faa2aac1646e7fe3a78128497114e1cc
SSDEEP: 12288:DpN7uLp2iXSPQtt2NjFwo6ygaNrnCq518OfygkCTlfvWkPjM:D+Lp1tMNjmo6ygaRnHCO6lyvLA
Static task: static1
Behavioral task: behavioral1
Sample: 0cd9cf51666b258656afa5bcde345f57.exe
Resource: win7-20231215-en
Malware Config
Extracted: redline, bkd2, 103.246.146.247:3214
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext